package com.pmlt.controller;

import cn.hutool.core.lang.Assert;
import cn.hutool.core.map.MapUtil;
import cn.hutool.crypto.SecureUtil;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.pmlt.common.dto.LoginDto;
import com.pmlt.common.lang.Result;
import com.pmlt.entity.User;
import com.pmlt.service.UserService;
import com.pmlt.utils.JwtUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletResponse;

/**
 * @Author:wen-tlp
 * @Date:2021/12/25 11:55
 */
@RestController
public class AccountController {

    @Autowired
    UserService userService;

    @Autowired
    JwtUtil jwtUtil;

    @RequestMapping("/login") // http://localhost:8081/login
    public Result login(@Validated @RequestBody LoginDto loginDto, HttpServletResponse response){
        User user = userService.getOne(new QueryWrapper<User>().eq("username", loginDto.getUsername()));
        Assert.notNull(user,"用户不存在");//断言拦截
        //        if(!user.getPassword().equals(SecureUtil.md5(loginDto.getPassword()))){
//            // 密码不同则抛出异常
//            return Result.fail("密码不正确");
//        }

        if(!user.getPassword().equals(loginDto.getPassword())){ // 密码不同则抛出异常
            return Result.fail("密码不正确");
        }
        String jwt = jwtUtil.generateToken(user.getId());

        // 将token 放在我们的header里面
        response.setHeader("Authorization",jwt);
        response.setHeader("Access-control-Expose-Headers","Authorization");

        return Result.succ(MapUtil.builder()
                .put("id",user.getId())
                .put("username",user.getUsername())
                .put("avatar",user.getAvatar())
                .put("email",user.getEmail()).map()

        );
    }

    // 需要认证权限才能退出登录
    @RequiresAuthentication
    @RequestMapping("/logout")
    public Result logout() {
        // 退出登录
        SecurityUtils.getSubject().logout();
        return Result.succ("注销成功");
    }

}
